Security Experts:

Java Attacks Jump as User Patching Lags: Kaspersky Lab

A new study by researchers with Kaspersky Lab found that the number of attacks on their customers exploiting Java reached more than 14 million between September 2012 and August 2013.

The situation may be exacerbated by many users not keeping up to date with patches. According to Kaspersky Lab, of the 161 vulnerabilities detected in various versions of Java during the life of the study, most were in versions 1.5, 1.6 and 1.7, which are the most prevalent versions of the software.

"Remarkably, SE 6 U37 — released back in October 2012 — was the most recent version of Java 1.6 in the Top 10 most commonly used versions," according to the report. "The conclusions are obvious: one and a half months after the release of the latest version of Java, most users are still working with vulnerable versions."

Java security has had a rough year from both a security and a public relations standpoint. The presence of high-profile vulnerabilities and activity by attackers arming exploit kits with attack code prompted Oracle in January to pledge security improvements and additional outreach to educate the Java user community.

According to Kaspersky, the increase in attacks represents more than 33 percent increase since September 2011 and August 2012. Fifty percent of all the attacks were launched using just six families of Java exploits.

Most of the attacks (80 percent) between occurred in 10 countries, with the top three being the United States, Russia and Germany.  

A slight uptick in attacks was detected between March and August, when 8.54 million of the attacks were observed. During that period, 31.14 percent of the attacks were traced to servers hosted in the United States. Roughly 18 percent of the attacks were found to have originated in Russia.

"Oracle has patched all critical vulnerabilities, and information about these patches was disclosed during the period addressed in this report," Kaspersky's report noted. "In some cases, just a couple of days passed before a patch was released. All the same, the number of attacks and the number of users subjected to these attacks continued to rise."

view counter